Risk Management Plan

Purpose and Scope

Risk Management is the systematic process of identifying, analyzing, and responding to project risks. It includes maximizing the probability and consequences of positive events and minimizing the probability and consequences of adverse events to project objectives. This risk management plan defines how Volum8 will handle risks to achieve that goal.

Risk Related Definitions

There are a number of terms used in risk management that we need to define to ensure clear communications.

Risk

An uncertain event or condition that, if it occurs, has a positive or negative effect on a project’s objectives. Risk is often a measure of the inability to achieve overall project objectives within defined project requirements and constraints and has three components: (1) the probability of occurrence, (2) the impact of the risk on the program, and (3) the time horizon during which the consequences will occur if the risk is not mitigated.

Probability of Occurrence

Percentage	Expression	Number Score
91% - 99%	Very likely to occur	5
61% - 90%	Probably will occur	4
41% - 60%	May Occur	3
11% - 40%	Unlikely to occur	2
1% - 10%	Very unlikely to occur	1

Risk Impact

Critical

An event that, if it occurred, would cause project failure or the inability to achieve minimum acceptable requirements.

Serious

An event that, if it occurred, would cause major cost/ schedule increases

Moderate

An event that, if it occurred, would cause moderate cost/ schedule increases.

Minor

An event that, if it occurred, would cause only a small cost/schedule increase.

Negligible

An event that, if it occurred, would have no effect on the project.

Risk Score

The risk score is a value calculated that is the product of probability of occurrence and impact. You use the score to compare risks as part of the risk prioritization process. The definitions of Low, Moderate, and High are as follows:

• Low Risk: Has little or no potential for increase in cost, disruption of schedule, or degradation of performance. Actions within the scope of the planned project and normal management attention should result in controlling acceptable risk. No response plans will be made for these risks. The project will monitor for them and manage them as they come up.

• Moderate Risk: May cause some increase in cost, disruption of schedule, or degradation of performance. Special action and management attention may be required to control acceptable risk. The project will do some response planning for these risks.

• High Risk: Likely to cause significant increase in cost, disruption of schedule, or degradation of performance. Significant additional action and high priority management attention will be required to control acceptable risk. The project will do in-depth response plans for these risks. Positive risks can use the same table and descriptions except instead of trying to avoid the risk, we will endeavor to make the risk occur and gain the positive impact.

Risk Management Plan

Project Manager

• Maintaining this Risk Management Plan

• Maintaining the Risk Management Database and distributing updates

• Briefing the team on the status of risks

• Tracking efforts to reduce moderate and high risk to acceptable levels

• Providing risk management training

• Facilitating risk assessments and

• Preparing risk briefings, reports, and documents required for Project Reviews

Project Team

• Coordinate with SMEs to review and recommend to the Project Manager changes on the overall risk management approach based on lessons learned.

• Quarterly, or as directed, participate in the update to project risk assessments made during the previous review period.

• Review and recommend any changes to the risk assessments made and the risk mitigation plans proposed

• Report new risks to the Project Manager via email

• Ensure that risk is a required topic at each Project Meeting

• Accomplish assigned mitigation tasks and report status/completion of mitigation actions to the Project Manager for entry into the database.

Subject Matter Experts (SMEs)

• Review and recommend to the Project Manager changeson the overall risk management approach based on lessons learned.

• Quarterly, or as directed, participate in the update to program risk assessments made during the previous quarter.

• Review and recommend any changes to the risk assessments made and the risk mitigation plans proposed

• Report new risks to the Project Manager via e-mail

• Accomplish assigned mitigation tasks and report status/completion of mitigation actions to the Project Manager for entry into the database

End Users

The end users will participate in the project through the SMEs. The End Users may identify risks and should pass the information through the SMEs or Project Team. All risk identification, tasking, and reporting will be handled through the project team member(s) assigned to the End User